//package com.junmoo.www.auth.config.authorization;
//
//import lombok.extern.slf4j.Slf4j;
//import org.springframework.http.server.reactive.ServerHttpRequest;
//import org.springframework.security.access.AccessDeniedException;
//import org.springframework.security.authorization.AuthorizationDecision;
//import org.springframework.security.authorization.ReactiveAuthorizationManager;
//import org.springframework.security.core.Authentication;
//import org.springframework.security.core.GrantedAuthority;
//import org.springframework.security.web.server.authorization.AuthorizationContext;
//import org.springframework.security.web.server.util.matcher.ServerWebExchangeMatcher;
//import org.springframework.stereotype.Component;
//import org.springframework.util.AntPathMatcher;
//import org.springframework.web.server.ServerWebExchange;
//import reactor.core.publisher.Flux;
//import reactor.core.publisher.Mono;
//
//import java.util.Collection;
//
///**
// * 授权管理器
// */
//@Component
//@Slf4j
//public class CloudAuthorizationManager implements ReactiveAuthorizationManager<AuthorizationContext> {
//    private AntPathMatcher antPathMatcher = new AntPathMatcher();
//    @Override
//    public Mono<AuthorizationDecision> check(Mono<Authentication> authentication, AuthorizationContext authorizationContext) {
//        log.info("------访问 AuthorizationManager  。。。。。。。。。。。"+authentication);
//        return authentication.map(auth -> {
//            ServerWebExchange exchange = authorizationContext.getExchange();
//            ServerHttpRequest request = exchange.getRequest();
//            String path = request.getURI().getPath();
//
//            Collection<? extends GrantedAuthority> authorities = auth.getAuthorities();
//            for (GrantedAuthority authority : authorities) {
//                String authorityAuthority = authority.getAuthority();
//                if (antPathMatcher.match(authorityAuthority, path)) {
//                    log.info(String.format("用户请求API校验通过，GrantedAuthority:{%s}  Path:{%s} ", authorityAuthority, path));
//                    return new AuthorizationDecision(true);
//                }
//            }
//            return new AuthorizationDecision(false);
//        }).defaultIfEmpty(new AuthorizationDecision(false));
//    }
//
////    @Override
////    public Mono<Void> verify(Mono<Authentication> authentication, AuthorizationContext authorizationContext) {
////        return check(authentication, authorizationContext)
////                .filter(d -> d.isGranted())
////                .switchIfEmpty(Mono.defer(() -> {
////                    return Mono.error(new AccessDeniedException("Access Denied"));
////                }))
////                .flatMap(d -> Mono.empty());
////    }
//
//}
